General
-
Target
boatnet.mips.elf
-
Size
23KB
-
Sample
230428-lvhb6sfb4v
-
MD5
3250686efc57237ccff56492e9d6a152
-
SHA1
058d77f26576409cf397455e29756f539d73465d
-
SHA256
e39b59d495995ac656233ec1ce8086ed7bc446cf37afa334b6e03994b4dc6130
-
SHA512
b6d19f5a248b189468e83d776fec46d6808870299f3c4e574e668465a76b253bbb2e7b7eb790ee759988806c8bc48a29dfcb2f8588f1f842e315c5120ecb3f80
-
SSDEEP
384:teD8ZSH2LLZUYyGZbsOiTTVrm/AUcRdjoFEBaFFD4Q7ermdrJgGlzDpH7uNj1JA+:teD8ZSWvZHZbs1Txm+jbBa3D4Q7uirJk
Malware Config
Extracted
mirai
LZRD
Targets
-
-
Target
boatnet.mips.elf
-
Size
23KB
-
MD5
3250686efc57237ccff56492e9d6a152
-
SHA1
058d77f26576409cf397455e29756f539d73465d
-
SHA256
e39b59d495995ac656233ec1ce8086ed7bc446cf37afa334b6e03994b4dc6130
-
SHA512
b6d19f5a248b189468e83d776fec46d6808870299f3c4e574e668465a76b253bbb2e7b7eb790ee759988806c8bc48a29dfcb2f8588f1f842e315c5120ecb3f80
-
SSDEEP
384:teD8ZSH2LLZUYyGZbsOiTTVrm/AUcRdjoFEBaFFD4Q7ermdrJgGlzDpH7uNj1JA+:teD8ZSWvZHZbs1Txm+jbBa3D4Q7uirJk
-
Modifies the Watchdog daemon
Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
-
Writes file to system bin folder
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-